You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by ma...@apache.org on 2016/04/15 22:04:06 UTC
[14/22] nifi git commit: NIFI-1551: - Removing the AuthorityProvider.
- Refactoring REST API in preparation for introduction of the Authorizer. -
Updating UI accordingly. - Removing unneeded properties from nifi.properties.
- Addressing comments from PR.
http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiServiceFacade.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiServiceFacade.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiServiceFacade.java
index d6de553..5621990 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiServiceFacade.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiServiceFacade.java
@@ -16,38 +16,14 @@
*/
package org.apache.nifi.web;
-import java.nio.charset.StandardCharsets;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.LinkedHashMap;
-import java.util.LinkedHashSet;
-import java.util.List;
-import java.util.ListIterator;
-import java.util.Map;
-import java.util.Set;
-import java.util.TimeZone;
-import java.util.UUID;
-import java.util.concurrent.TimeUnit;
-import java.util.function.Function;
-import java.util.function.Supplier;
-
-import javax.ws.rs.WebApplicationException;
-
-import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.nifi.action.Action;
import org.apache.nifi.action.Component;
import org.apache.nifi.action.FlowChangeAction;
import org.apache.nifi.action.Operation;
import org.apache.nifi.action.details.FlowChangePurgeDetails;
-import org.apache.nifi.admin.service.AccountNotFoundException;
import org.apache.nifi.admin.service.AuditService;
-import org.apache.nifi.admin.service.UserService;
-import org.apache.nifi.authorization.Authority;
+import org.apache.nifi.admin.service.KeyService;
import org.apache.nifi.cluster.context.ClusterContext;
import org.apache.nifi.cluster.context.ClusterContextThreadLocal;
import org.apache.nifi.cluster.manager.exception.UnknownNodeException;
@@ -84,9 +60,7 @@ import org.apache.nifi.remote.RootGroupPort;
import org.apache.nifi.reporting.Bulletin;
import org.apache.nifi.reporting.BulletinQuery;
import org.apache.nifi.reporting.BulletinRepository;
-import org.apache.nifi.user.AccountStatus;
import org.apache.nifi.user.NiFiUser;
-import org.apache.nifi.user.NiFiUserGroup;
import org.apache.nifi.util.FormatUtils;
import org.apache.nifi.util.NiFiProperties;
import org.apache.nifi.web.api.dto.BulletinBoardDTO;
@@ -127,8 +101,6 @@ import org.apache.nifi.web.api.dto.RevisionDTO;
import org.apache.nifi.web.api.dto.SnippetDTO;
import org.apache.nifi.web.api.dto.SystemDiagnosticsDTO;
import org.apache.nifi.web.api.dto.TemplateDTO;
-import org.apache.nifi.web.api.dto.UserDTO;
-import org.apache.nifi.web.api.dto.UserGroupDTO;
import org.apache.nifi.web.api.dto.action.ActionDTO;
import org.apache.nifi.web.api.dto.action.HistoryDTO;
import org.apache.nifi.web.api.dto.action.HistoryQueryDTO;
@@ -156,12 +128,28 @@ import org.apache.nifi.web.dao.RemoteProcessGroupDAO;
import org.apache.nifi.web.dao.ReportingTaskDAO;
import org.apache.nifi.web.dao.SnippetDAO;
import org.apache.nifi.web.dao.TemplateDAO;
-import org.apache.nifi.web.security.user.NewAccountRequest;
import org.apache.nifi.web.security.user.NiFiUserUtils;
import org.apache.nifi.web.util.SnippetUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.springframework.security.access.AccessDeniedException;
+
+import javax.ws.rs.WebApplicationException;
+import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Date;
+import java.util.LinkedHashMap;
+import java.util.LinkedHashSet;
+import java.util.List;
+import java.util.ListIterator;
+import java.util.Map;
+import java.util.Set;
+import java.util.TimeZone;
+import java.util.UUID;
+import java.util.concurrent.TimeUnit;
+import java.util.function.Function;
+import java.util.function.Supplier;
/**
* Implementation of NiFiServiceFacade that performs revision checking.
@@ -193,7 +181,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
// administrative services
private AuditService auditService;
- private UserService userService;
+ private KeyService keyService;
// cluster manager
private WebClusterManager clusterManager;
@@ -207,8 +195,8 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
// -----------------------------------------
@Override
- public void verifyListQueue(String groupId, String connectionId) {
- connectionDAO.verifyList(groupId, connectionId);
+ public void verifyListQueue(String connectionId) {
+ connectionDAO.verifyList(connectionId);
}
@Override
@@ -217,77 +205,66 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public void verifyUpdateConnection(String groupId, ConnectionDTO connectionDTO) {
+ public void verifyUpdateConnection(ConnectionDTO connectionDTO) {
// if connection does not exist, then the update request is likely creating it
// so we don't verify since it will fail
- if (connectionDAO.hasConnection(groupId, connectionDTO.getId())) {
- connectionDAO.verifyUpdate(groupId, connectionDTO);
+ if (connectionDAO.hasConnection(connectionDTO.getId())) {
+ connectionDAO.verifyUpdate(connectionDTO);
} else {
- connectionDAO.verifyCreate(groupId, connectionDTO);
+ connectionDAO.verifyCreate(connectionDTO.getParentGroupId(), connectionDTO);
}
}
@Override
- public void verifyDeleteConnection(String groupId, String connectionId) {
- connectionDAO.verifyDelete(groupId, connectionId);
+ public void verifyDeleteConnection(String connectionId) {
+ connectionDAO.verifyDelete(connectionId);
}
@Override
- public void verifyDeleteFunnel(String groupId, String funnelId) {
- funnelDAO.verifyDelete(groupId, funnelId);
+ public void verifyDeleteFunnel(String funnelId) {
+ funnelDAO.verifyDelete(funnelId);
}
@Override
- public void verifyUpdateInputPort(String groupId, PortDTO inputPortDTO) {
+ public void verifyUpdateInputPort(PortDTO inputPortDTO) {
// if connection does not exist, then the update request is likely creating it
// so we don't verify since it will fail
- if (inputPortDAO.hasPort(groupId, inputPortDTO.getId())) {
- inputPortDAO.verifyUpdate(groupId, inputPortDTO);
+ if (inputPortDAO.hasPort(inputPortDTO.getId())) {
+ inputPortDAO.verifyUpdate(inputPortDTO);
}
}
@Override
- public void verifyDeleteInputPort(String groupId, String inputPortId) {
- inputPortDAO.verifyDelete(groupId, inputPortId);
+ public void verifyDeleteInputPort(String inputPortId) {
+ inputPortDAO.verifyDelete(inputPortId);
}
@Override
- public void verifyUpdateOutputPort(String groupId, PortDTO outputPortDTO) {
+ public void verifyUpdateOutputPort(PortDTO outputPortDTO) {
// if connection does not exist, then the update request is likely creating it
// so we don't verify since it will fail
- if (outputPortDAO.hasPort(groupId, outputPortDTO.getId())) {
- outputPortDAO.verifyUpdate(groupId, outputPortDTO);
+ if (outputPortDAO.hasPort(outputPortDTO.getId())) {
+ outputPortDAO.verifyUpdate(outputPortDTO);
}
}
@Override
- public void verifyDeleteOutputPort(String groupId, String outputPortId) {
- outputPortDAO.verifyDelete(groupId, outputPortId);
+ public void verifyDeleteOutputPort(String outputPortId) {
+ outputPortDAO.verifyDelete(outputPortId);
}
@Override
public void verifyUpdateProcessor(ProcessorDTO processorDTO) {
- final String groupId = controllerFacade.findProcessGroupIdForProcessor(processorDTO.getId());
-
- // if processor does not exist, then the update request is likely creating it
- // so we don't verify since it will fail
- if (groupId != null) {
- verifyUpdateProcessor(groupId, processorDTO);
- }
- }
-
- @Override
- public void verifyUpdateProcessor(String groupId, ProcessorDTO processorDTO) {
- // if processor does not exist, then the update request is likely creating it
+ // if group does not exist, then the update request is likely creating it
// so we don't verify since it will fail
- if (processorDAO.hasProcessor(groupId, processorDTO.getId())) {
- processorDAO.verifyUpdate(groupId, processorDTO);
+ if (processorDAO.hasProcessor(processorDTO.getId())) {
+ processorDAO.verifyUpdate(processorDTO);
}
}
@Override
- public void verifyDeleteProcessor(String groupId, String processorId) {
- processorDAO.verifyDelete(groupId, processorId);
+ public void verifyDeleteProcessor(String processorId) {
+ processorDAO.verifyDelete(processorId);
}
@Override
@@ -305,27 +282,27 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public void verifyUpdateRemoteProcessGroup(String groupId, RemoteProcessGroupDTO remoteProcessGroupDTO) {
+ public void verifyUpdateRemoteProcessGroup(RemoteProcessGroupDTO remoteProcessGroupDTO) {
// if remote group does not exist, then the update request is likely creating it
// so we don't verify since it will fail
- if (remoteProcessGroupDAO.hasRemoteProcessGroup(groupId, remoteProcessGroupDTO.getId())) {
- remoteProcessGroupDAO.verifyUpdate(groupId, remoteProcessGroupDTO);
+ if (remoteProcessGroupDAO.hasRemoteProcessGroup(remoteProcessGroupDTO.getId())) {
+ remoteProcessGroupDAO.verifyUpdate(remoteProcessGroupDTO);
}
}
@Override
- public void verifyUpdateRemoteProcessGroupInputPort(String groupId, String remoteProcessGroupId, RemoteProcessGroupPortDTO remoteProcessGroupPortDTO) {
- remoteProcessGroupDAO.verifyUpdateInputPort(groupId, remoteProcessGroupId, remoteProcessGroupPortDTO);
+ public void verifyUpdateRemoteProcessGroupInputPort(String remoteProcessGroupId, RemoteProcessGroupPortDTO remoteProcessGroupPortDTO) {
+ remoteProcessGroupDAO.verifyUpdateInputPort(remoteProcessGroupId, remoteProcessGroupPortDTO);
}
@Override
- public void verifyUpdateRemoteProcessGroupOutputPort(String groupId, String remoteProcessGroupId, RemoteProcessGroupPortDTO remoteProcessGroupPortDTO) {
- remoteProcessGroupDAO.verifyUpdateOutputPort(groupId, remoteProcessGroupId, remoteProcessGroupPortDTO);
+ public void verifyUpdateRemoteProcessGroupOutputPort(String remoteProcessGroupId, RemoteProcessGroupPortDTO remoteProcessGroupPortDTO) {
+ remoteProcessGroupDAO.verifyUpdateOutputPort(remoteProcessGroupId, remoteProcessGroupPortDTO);
}
@Override
- public void verifyDeleteRemoteProcessGroup(String groupId, String remoteProcessGroupId) {
- remoteProcessGroupDAO.verifyDelete(groupId, remoteProcessGroupId);
+ public void verifyDeleteRemoteProcessGroup(String remoteProcessGroupId) {
+ remoteProcessGroupDAO.verifyDelete(remoteProcessGroupId);
}
@Override
@@ -365,43 +342,43 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
// Write Operations
// -----------------------------------------
@Override
- public ConfigurationSnapshot<ConnectionDTO> updateConnection(final Revision revision, final String groupId, final ConnectionDTO connectionDTO) {
+ public ConfigurationSnapshot<ConnectionDTO> updateConnection(final Revision revision, final ConnectionDTO connectionDTO) {
// if connection does not exist, then create new connection
- if (connectionDAO.hasConnection(groupId, connectionDTO.getId()) == false) {
- return createConnection(revision, groupId, connectionDTO);
+ if (connectionDAO.hasConnection(connectionDTO.getId()) == false) {
+ return createConnection(revision, connectionDTO.getParentGroupId(), connectionDTO);
}
- return updateComponent(revision, () -> connectionDAO.updateConnection(groupId, connectionDTO), connection -> dtoFactory.createConnectionDto(connection));
+ return updateComponent(revision, () -> connectionDAO.updateConnection(connectionDTO), connection -> dtoFactory.createConnectionDto(connection));
}
@Override
- public ConfigurationSnapshot<ProcessorDTO> updateProcessor(final Revision revision, final String groupId, final ProcessorDTO processorDTO) {
+ public ConfigurationSnapshot<ProcessorDTO> updateProcessor(final Revision revision, final ProcessorDTO processorDTO) {
// if processor does not exist, then create new processor
- if (processorDAO.hasProcessor(groupId, processorDTO.getId()) == false) {
- return createProcessor(revision, groupId, processorDTO);
+ if (processorDAO.hasProcessor(processorDTO.getId()) == false) {
+ return createProcessor(revision, processorDTO.getParentGroupId(), processorDTO);
}
- return updateComponent(revision, () -> processorDAO.updateProcessor(groupId, processorDTO), proc -> dtoFactory.createProcessorDto(proc));
+ return updateComponent(revision, () -> processorDAO.updateProcessor(processorDTO), proc -> dtoFactory.createProcessorDto(proc));
}
@Override
- public ConfigurationSnapshot<LabelDTO> updateLabel(final Revision revision, final String groupId, final LabelDTO labelDTO) {
+ public ConfigurationSnapshot<LabelDTO> updateLabel(final Revision revision, final LabelDTO labelDTO) {
// if label does not exist, then create new label
- if (labelDAO.hasLabel(groupId, labelDTO.getId()) == false) {
- return createLabel(revision, groupId, labelDTO);
+ if (labelDAO.hasLabel(labelDTO.getId()) == false) {
+ return createLabel(revision, labelDTO.getParentGroupId(), labelDTO);
}
- return updateComponent(revision, () -> labelDAO.updateLabel(groupId, labelDTO), label -> dtoFactory.createLabelDto(label));
+ return updateComponent(revision, () -> labelDAO.updateLabel(labelDTO), label -> dtoFactory.createLabelDto(label));
}
@Override
- public ConfigurationSnapshot<FunnelDTO> updateFunnel(final Revision revision, final String groupId, final FunnelDTO funnelDTO) {
+ public ConfigurationSnapshot<FunnelDTO> updateFunnel(final Revision revision, final FunnelDTO funnelDTO) {
// if label does not exist, then create new label
- if (funnelDAO.hasFunnel(groupId, funnelDTO.getId()) == false) {
- return createFunnel(revision, groupId, funnelDTO);
+ if (funnelDAO.hasFunnel(funnelDTO.getId()) == false) {
+ return createFunnel(revision, funnelDTO.getParentGroupId(), funnelDTO);
}
- return updateComponent(revision, () -> funnelDAO.updateFunnel(groupId, funnelDTO), funnel -> dtoFactory.createFunnelDto(funnel));
+ return updateComponent(revision, () -> funnelDAO.updateFunnel(funnelDTO), funnel -> dtoFactory.createFunnelDto(funnel));
}
@@ -469,63 +446,63 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public ConfigurationSnapshot<PortDTO> updateInputPort(final Revision revision, final String groupId, final PortDTO inputPortDTO) {
+ public ConfigurationSnapshot<PortDTO> updateInputPort(final Revision revision, final PortDTO inputPortDTO) {
// if input port does not exist, then create new input port
- if (inputPortDAO.hasPort(groupId, inputPortDTO.getId()) == false) {
- return createInputPort(revision, groupId, inputPortDTO);
+ if (inputPortDAO.hasPort(inputPortDTO.getId()) == false) {
+ return createInputPort(revision, inputPortDTO.getParentGroupId(), inputPortDTO);
}
- return updateComponent(revision, () -> inputPortDAO.updatePort(groupId, inputPortDTO), port -> dtoFactory.createPortDto(port));
+ return updateComponent(revision, () -> inputPortDAO.updatePort(inputPortDTO), port -> dtoFactory.createPortDto(port));
}
@Override
- public ConfigurationSnapshot<PortDTO> updateOutputPort(final Revision revision, final String groupId, final PortDTO outputPortDTO) {
+ public ConfigurationSnapshot<PortDTO> updateOutputPort(final Revision revision, final PortDTO outputPortDTO) {
// if output port does not exist, then create new output port
- if (outputPortDAO.hasPort(groupId, outputPortDTO.getId()) == false) {
- return createOutputPort(revision, groupId, outputPortDTO);
+ if (outputPortDAO.hasPort(outputPortDTO.getId()) == false) {
+ return createOutputPort(revision, outputPortDTO.getParentGroupId(), outputPortDTO);
}
- return updateComponent(revision, () -> outputPortDAO.updatePort(groupId, outputPortDTO), port -> dtoFactory.createPortDto(port));
+ return updateComponent(revision, () -> outputPortDAO.updatePort(outputPortDTO), port -> dtoFactory.createPortDto(port));
}
@Override
- public ConfigurationSnapshot<RemoteProcessGroupDTO> updateRemoteProcessGroup(final Revision revision, final String groupId, final RemoteProcessGroupDTO remoteProcessGroupDTO) {
+ public ConfigurationSnapshot<RemoteProcessGroupDTO> updateRemoteProcessGroup(final Revision revision, final RemoteProcessGroupDTO remoteProcessGroupDTO) {
// if controller reference does not exist, then create new controller reference
- if (remoteProcessGroupDAO.hasRemoteProcessGroup(groupId, remoteProcessGroupDTO.getId()) == false) {
- return createRemoteProcessGroup(revision, groupId, remoteProcessGroupDTO);
+ if (remoteProcessGroupDAO.hasRemoteProcessGroup(remoteProcessGroupDTO.getId()) == false) {
+ return createRemoteProcessGroup(revision, remoteProcessGroupDTO.getParentGroupId(), remoteProcessGroupDTO);
}
return updateComponent(revision,
- () -> remoteProcessGroupDAO.updateRemoteProcessGroup(groupId, remoteProcessGroupDTO),
+ () -> remoteProcessGroupDAO.updateRemoteProcessGroup(remoteProcessGroupDTO),
remoteProcessGroup -> dtoFactory.createRemoteProcessGroupDto(remoteProcessGroup));
}
@Override
public ConfigurationSnapshot<RemoteProcessGroupPortDTO> updateRemoteProcessGroupInputPort(
- final Revision revision, final String groupId, final String remoteProcessGroupId, final RemoteProcessGroupPortDTO remoteProcessGroupPortDTO) {
+ final Revision revision, final String remoteProcessGroupId, final RemoteProcessGroupPortDTO remoteProcessGroupPortDTO) {
return updateComponent(revision,
- () -> remoteProcessGroupDAO.updateRemoteProcessGroupInputPort(groupId, remoteProcessGroupId, remoteProcessGroupPortDTO),
+ () -> remoteProcessGroupDAO.updateRemoteProcessGroupInputPort(remoteProcessGroupId, remoteProcessGroupPortDTO),
remoteGroupPort -> dtoFactory.createRemoteProcessGroupPortDto(remoteGroupPort));
}
@Override
public ConfigurationSnapshot<RemoteProcessGroupPortDTO> updateRemoteProcessGroupOutputPort(
- final Revision revision, final String groupId, final String remoteProcessGroupId, final RemoteProcessGroupPortDTO remoteProcessGroupPortDTO) {
+ final Revision revision, final String remoteProcessGroupId, final RemoteProcessGroupPortDTO remoteProcessGroupPortDTO) {
return updateComponent(revision,
- () -> remoteProcessGroupDAO.updateRemoteProcessGroupOutputPort(groupId, remoteProcessGroupId, remoteProcessGroupPortDTO),
+ () -> remoteProcessGroupDAO.updateRemoteProcessGroupOutputPort(remoteProcessGroupId, remoteProcessGroupPortDTO),
remoteGroupPort -> dtoFactory.createRemoteProcessGroupPortDto(remoteGroupPort));
}
@Override
- public ConfigurationSnapshot<ProcessGroupDTO> updateProcessGroup(final Revision revision, final String parentGroupId, final ProcessGroupDTO processGroupDTO) {
+ public ConfigurationSnapshot<ProcessGroupDTO> updateProcessGroup(final Revision revision, final ProcessGroupDTO processGroupDTO) {
// if process group does not exist, then create new process group
if (processGroupDAO.hasProcessGroup(processGroupDTO.getId()) == false) {
- if (parentGroupId == null) {
+ if (processGroupDTO.getParentGroupId() == null) {
throw new IllegalArgumentException("Unable to create the specified process group since the parent group was not specified.");
} else {
- return createProcessGroup(parentGroupId, revision, processGroupDTO);
+ return createProcessGroup(processGroupDTO.getParentGroupId(), revision, processGroupDTO);
}
}
@@ -579,13 +556,13 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public void verifyCanClearProcessorState(final String groupId, final String processorId) {
- processorDAO.verifyClearState(groupId, processorId);
+ public void verifyCanClearProcessorState(final String processorId) {
+ processorDAO.verifyClearState(processorId);
}
@Override
- public ConfigurationSnapshot<Void> clearProcessorState(final Revision revision, final String groupId, final String processorId) {
- return clearComponentState(revision, () -> processorDAO.clearState(groupId, processorId));
+ public ConfigurationSnapshot<Void> clearProcessorState(final Revision revision, final String processorId) {
+ return clearComponentState(revision, () -> processorDAO.clearState(processorId));
}
private ConfigurationSnapshot<Void> clearComponentState(final Revision revision, final Runnable clearState) {
@@ -621,21 +598,21 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public ConfigurationSnapshot<Void> deleteConnection(final Revision revision, final String groupId, final String connectionId) {
- return deleteComponent(revision, () -> connectionDAO.deleteConnection(groupId, connectionId));
+ public ConfigurationSnapshot<Void> deleteConnection(final Revision revision, final String connectionId) {
+ return deleteComponent(revision, () -> connectionDAO.deleteConnection(connectionId));
}
@Override
- public DropRequestDTO deleteFlowFileDropRequest(String groupId, String connectionId, String dropRequestId) {
- return dtoFactory.createDropRequestDTO(connectionDAO.deleteFlowFileDropRequest(groupId, connectionId, dropRequestId));
+ public DropRequestDTO deleteFlowFileDropRequest(String connectionId, String dropRequestId) {
+ return dtoFactory.createDropRequestDTO(connectionDAO.deleteFlowFileDropRequest(connectionId, dropRequestId));
}
@Override
- public ListingRequestDTO deleteFlowFileListingRequest(String groupId, String connectionId, String listingRequestId) {
- final ListingRequestDTO listRequest = dtoFactory.createListingRequestDTO(connectionDAO.deleteFlowFileListingRequest(groupId, connectionId, listingRequestId));
+ public ListingRequestDTO deleteFlowFileListingRequest(String connectionId, String listingRequestId) {
+ final ListingRequestDTO listRequest = dtoFactory.createListingRequestDTO(connectionDAO.deleteFlowFileListingRequest(connectionId, listingRequestId));
// include whether the source and destination are running
- final Connection connection = connectionDAO.getConnection(groupId, connectionId);
+ final Connection connection = connectionDAO.getConnection(connectionId);
if (connection.getSource() != null) {
listRequest.setSourceRunning(connection.getSource().isRunning());
}
@@ -647,18 +624,18 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public ConfigurationSnapshot<Void> deleteProcessor(final Revision revision, final String groupId, final String processorId) {
- return deleteComponent(revision, () -> processorDAO.deleteProcessor(groupId, processorId));
+ public ConfigurationSnapshot<Void> deleteProcessor(final Revision revision, final String processorId) {
+ return deleteComponent(revision, () -> processorDAO.deleteProcessor(processorId));
}
@Override
- public ConfigurationSnapshot<Void> deleteLabel(final Revision revision, final String groupId, final String labelId) {
- return deleteComponent(revision, () -> labelDAO.deleteLabel(groupId, labelId));
+ public ConfigurationSnapshot<Void> deleteLabel(final Revision revision, final String labelId) {
+ return deleteComponent(revision, () -> labelDAO.deleteLabel(labelId));
}
@Override
- public ConfigurationSnapshot<Void> deleteFunnel(final Revision revision, final String groupId, final String funnelId) {
- return deleteComponent(revision, () -> funnelDAO.deleteFunnel(groupId, funnelId));
+ public ConfigurationSnapshot<Void> deleteFunnel(final Revision revision, final String funnelId) {
+ return deleteComponent(revision, () -> funnelDAO.deleteFunnel(funnelId));
}
/**
@@ -702,13 +679,13 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public ConfigurationSnapshot<Void> deleteInputPort(final Revision revision, final String groupId, final String inputPortId) {
- return deleteComponent(revision, () -> inputPortDAO.deletePort(groupId, inputPortId));
+ public ConfigurationSnapshot<Void> deleteInputPort(final Revision revision, final String inputPortId) {
+ return deleteComponent(revision, () -> inputPortDAO.deletePort(inputPortId));
}
@Override
- public ConfigurationSnapshot<Void> deleteOutputPort(final Revision revision, final String groupId, final String outputPortId) {
- return deleteComponent(revision, () -> outputPortDAO.deletePort(groupId, outputPortId));
+ public ConfigurationSnapshot<Void> deleteOutputPort(final Revision revision, final String outputPortId) {
+ return deleteComponent(revision, () -> outputPortDAO.deletePort(outputPortId));
}
@Override
@@ -717,8 +694,8 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public ConfigurationSnapshot<Void> deleteRemoteProcessGroup(final Revision revision, final String groupId, final String remoteProcessGroupId) {
- return deleteComponent(revision, () -> remoteProcessGroupDAO.deleteRemoteProcessGroup(groupId, remoteProcessGroupId));
+ public ConfigurationSnapshot<Void> deleteRemoteProcessGroup(final Revision revision, final String remoteProcessGroupId) {
+ return deleteComponent(revision, () -> remoteProcessGroupDAO.deleteRemoteProcessGroup(remoteProcessGroupId));
}
@Override
@@ -733,16 +710,16 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public DropRequestDTO createFlowFileDropRequest(String groupId, String connectionId, String dropRequestId) {
- return dtoFactory.createDropRequestDTO(connectionDAO.createFlowFileDropRequest(groupId, connectionId, dropRequestId));
+ public DropRequestDTO createFlowFileDropRequest(String connectionId, String dropRequestId) {
+ return dtoFactory.createDropRequestDTO(connectionDAO.createFlowFileDropRequest(connectionId, dropRequestId));
}
@Override
- public ListingRequestDTO createFlowFileListingRequest(String groupId, String connectionId, String listingRequestId) {
- final ListingRequestDTO listRequest = dtoFactory.createListingRequestDTO(connectionDAO.createFlowFileListingRequest(groupId, connectionId, listingRequestId));
+ public ListingRequestDTO createFlowFileListingRequest(String connectionId, String listingRequestId) {
+ final ListingRequestDTO listRequest = dtoFactory.createListingRequestDTO(connectionDAO.createFlowFileListingRequest(connectionId, listingRequestId));
// include whether the source and destination are running
- final Connection connection = connectionDAO.getConnection(groupId, connectionId);
+ final Connection connection = connectionDAO.getConnection(connectionId);
if (connection.getSource() != null) {
listRequest.setSourceRunning(connection.getSource().isRunning());
}
@@ -815,11 +792,11 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
return createComponent(revision, funnelDTO, () -> funnelDAO.createFunnel(groupId, funnelDTO), funnel -> dtoFactory.createFunnelDto(funnel));
}
- private void validateSnippetContents(final FlowSnippetDTO flowSnippet, final String groupId) {
+ private void validateSnippetContents(final FlowSnippetDTO flowSnippet) {
// validate any processors
if (flowSnippet.getProcessors() != null) {
for (final ProcessorDTO processorDTO : flowSnippet.getProcessors()) {
- final ProcessorNode processorNode = processorDAO.getProcessor(groupId, processorDTO.getId());
+ final ProcessorNode processorNode = processorDAO.getProcessor(processorDTO.getId());
final Collection<ValidationResult> validationErrors = processorNode.getValidationErrors();
if (validationErrors != null && !validationErrors.isEmpty()) {
final List<String> errors = new ArrayList<>();
@@ -833,7 +810,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
if (flowSnippet.getInputPorts() != null) {
for (final PortDTO portDTO : flowSnippet.getInputPorts()) {
- final Port port = inputPortDAO.getPort(groupId, portDTO.getId());
+ final Port port = inputPortDAO.getPort(portDTO.getId());
final Collection<ValidationResult> validationErrors = port.getValidationErrors();
if (validationErrors != null && !validationErrors.isEmpty()) {
final List<String> errors = new ArrayList<>();
@@ -847,7 +824,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
if (flowSnippet.getOutputPorts() != null) {
for (final PortDTO portDTO : flowSnippet.getOutputPorts()) {
- final Port port = outputPortDAO.getPort(groupId, portDTO.getId());
+ final Port port = outputPortDAO.getPort(portDTO.getId());
final Collection<ValidationResult> validationErrors = port.getValidationErrors();
if (validationErrors != null && !validationErrors.isEmpty()) {
final List<String> errors = new ArrayList<>();
@@ -862,7 +839,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
// get any remote process group issues
if (flowSnippet.getRemoteProcessGroups() != null) {
for (final RemoteProcessGroupDTO remoteProcessGroupDTO : flowSnippet.getRemoteProcessGroups()) {
- final RemoteProcessGroup remoteProcessGroup = remoteProcessGroupDAO.getRemoteProcessGroup(groupId, remoteProcessGroupDTO.getId());
+ final RemoteProcessGroup remoteProcessGroup = remoteProcessGroupDAO.getRemoteProcessGroup(remoteProcessGroupDTO.getId());
if (remoteProcessGroup.getAuthorizationIssue() != null) {
remoteProcessGroupDTO.setAuthorizationIssues(Arrays.asList(remoteProcessGroup.getAuthorizationIssue()));
}
@@ -886,7 +863,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
final FlowSnippetDTO flowSnippet = snippetDAO.copySnippet(groupId, id, originX, originY);
// validate the new snippet
- validateSnippetContents(flowSnippet, groupId);
+ validateSnippetContents(flowSnippet);
// save the flow
controllerFacade.save();
@@ -1012,7 +989,7 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
final FlowSnippetDTO flowSnippet = templateDAO.instantiateTemplate(groupId, originX, originY, templateId);
// validate the new snippet
- validateSnippetContents(flowSnippet, groupId);
+ validateSnippetContents(flowSnippet);
// save the flow
controllerFacade.save();
@@ -1059,16 +1036,8 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
processorDTO.setId(processorId);
processorDTO.setConfig(config);
- // get the parent group id for the specified processor
- String groupId = controllerFacade.findProcessGroupIdForProcessor(processorId);
-
- // ensure the parent group id was found
- if (groupId == null) {
- throw new ResourceNotFoundException(String.format("Unable to locate Processor with id '%s'.", processorId));
- }
-
// update the processor configuration
- final ProcessorNode processor = processorDAO.updateProcessor(groupId, processorDTO);
+ final ProcessorNode processor = processorDAO.updateProcessor(processorDTO);
// save the flow
controllerFacade.save();
@@ -1262,120 +1231,6 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public void invalidateUser(String userId) {
- try {
- userService.invalidateUserAccount(userId);
- } catch (final AccountNotFoundException anfe) {
- // ignore
- }
- }
-
- @Override
- public void invalidateUserGroup(String userGroup, Set<String> userIds) {
- // invalidates any user currently associated with this group
- if (userGroup != null) {
- userService.invalidateUserGroupAccount(userGroup);
- }
-
- // invalidates any user that will be associated with this group
- if (userIds != null) {
- for (final String userId : userIds) {
- invalidateUser(userId);
- }
- }
- }
-
- @Override
- public UserDTO createUser() {
- NewAccountRequest newAccountRequest = NiFiUserUtils.getNewAccountRequest();
-
- // log the new user account request
- logger.info("Requesting new user account for " + newAccountRequest.getUsername());
-
- // get the justification
- String justification = newAccountRequest.getJustification();
- if (justification == null) {
- justification = StringUtils.EMPTY;
- }
-
- // create the pending user account
- return dtoFactory.createUserDTO(userService.createPendingUserAccount(newAccountRequest.getUsername(), justification));
- }
-
- @Override
- public UserDTO updateUser(UserDTO userDto) {
- NiFiUser user;
-
- // attempt to parse the user id
- final String id = userDto.getId();
-
- // determine the authorities that have been specified in the request
- Set<Authority> authorities = null;
- if (userDto.getAuthorities() != null) {
- authorities = Authority.convertRawAuthorities(userDto.getAuthorities());
- }
-
- // if the account status isn't specified or isn't changing
- final AccountStatus accountStatus = AccountStatus.valueOfStatus(userDto.getStatus());
- if (accountStatus == null || AccountStatus.ACTIVE.equals(accountStatus)) {
- // ensure that authorities have been specified (may be empty, but not null)
- if (authorities == null) {
- throw new IllegalArgumentException("Authorities must be specified when updating an account.");
- }
-
- // update the user account
- user = userService.update(id, authorities);
- } else if (AccountStatus.DISABLED.equals(accountStatus)) {
- // disable the account
- user = userService.disable(id);
- } else {
- throw new IllegalArgumentException("Accounts cannot be marked pending.");
- }
-
- return dtoFactory.createUserDTO(user);
- }
-
- @Override
- public void deleteUser(String userId) {
- userService.deleteUser(userId);
- }
-
- @Override
- public UserGroupDTO updateUserGroup(final UserGroupDTO userGroupDTO) {
- NiFiUserGroup userGroup;
-
- // convert the authorities
- Set<Authority> authorities = null;
- if (userGroupDTO.getAuthorities() != null) {
- authorities = Authority.convertRawAuthorities(userGroupDTO.getAuthorities());
- }
-
- final AccountStatus accountStatus = AccountStatus.valueOfStatus(userGroupDTO.getStatus());
- if (accountStatus == null || AccountStatus.ACTIVE.equals(accountStatus)) {
- // update the user group
- userGroup = userService.updateGroup(userGroupDTO.getGroup(), userGroupDTO.getUserIds(), authorities);
- } else if (AccountStatus.DISABLED.equals(accountStatus)) {
- // disable the accounts
- userGroup = userService.disableGroup(userGroupDTO.getGroup());
- } else {
- throw new IllegalArgumentException("Accounts cannot be marked pending.");
- }
-
- // generate the user group dto
- return dtoFactory.createUserGroupDTO(userGroup);
- }
-
- @Override
- public void removeUserFromGroup(String userId) {
- userService.ungroupUser(userId);
- }
-
- @Override
- public void removeUserGroup(String userGroup) {
- userService.ungroup(userGroup);
- }
-
- @Override
public ProvenanceDTO submitProvenance(ProvenanceDTO query) {
return controllerFacade.submitProvenance(query);
}
@@ -1414,8 +1269,8 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public DownloadableContent getContent(String groupId, String connectionId, String flowFileUuid, String uri) {
- return connectionDAO.getContent(groupId, connectionId, flowFileUuid, uri);
+ public DownloadableContent getContent(String connectionId, String flowFileUuid, String uri) {
+ return connectionDAO.getContent(connectionId, flowFileUuid, uri);
}
@Override
@@ -1450,24 +1305,16 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
@Override
public ControllerStatusDTO getControllerStatus() {
- // get the controller status
- final ControllerStatusDTO controllerStatus = controllerFacade.getControllerStatus();
-
- // determine if there are any pending user accounts - only include if appropriate
- if (NiFiUserUtils.getAuthorities().contains(Authority.ROLE_ADMIN.toString())) {
- controllerStatus.setHasPendingAccounts(userService.hasPendingUserAccount());
- }
-
- return controllerStatus;
+ return controllerFacade.getControllerStatus();
}
@Override
- public ComponentStateDTO getProcessorState(String groupId, String processorId) {
- final StateMap clusterState = isClustered() ? processorDAO.getState(groupId, processorId, Scope.CLUSTER) : null;
- final StateMap localState = processorDAO.getState(groupId, processorId, Scope.LOCAL);
+ public ComponentStateDTO getProcessorState(String processorId) {
+ final StateMap clusterState = isClustered() ? processorDAO.getState(processorId, Scope.CLUSTER) : null;
+ final StateMap localState = processorDAO.getState(processorId, Scope.LOCAL);
// processor will be non null as it was already found when getting the state
- final ProcessorNode processor = processorDAO.getProcessor(groupId, processorId);
+ final ProcessorNode processor = processorDAO.getProcessor(processorId);
return dtoFactory.createComponentStateDTO(processorId, processor.getProcessor().getClass(), localState, clusterState);
}
@@ -1516,21 +1363,21 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public ConnectionDTO getConnection(String groupId, String connectionId) {
- return dtoFactory.createConnectionDto(connectionDAO.getConnection(groupId, connectionId));
+ public ConnectionDTO getConnection(String connectionId) {
+ return dtoFactory.createConnectionDto(connectionDAO.getConnection(connectionId));
}
@Override
- public DropRequestDTO getFlowFileDropRequest(String groupId, String connectionId, String dropRequestId) {
- return dtoFactory.createDropRequestDTO(connectionDAO.getFlowFileDropRequest(groupId, connectionId, dropRequestId));
+ public DropRequestDTO getFlowFileDropRequest(String connectionId, String dropRequestId) {
+ return dtoFactory.createDropRequestDTO(connectionDAO.getFlowFileDropRequest(connectionId, dropRequestId));
}
@Override
- public ListingRequestDTO getFlowFileListingRequest(String groupId, String connectionId, String listingRequestId) {
- final ListingRequestDTO listRequest = dtoFactory.createListingRequestDTO(connectionDAO.getFlowFileListingRequest(groupId, connectionId, listingRequestId));
+ public ListingRequestDTO getFlowFileListingRequest(String connectionId, String listingRequestId) {
+ final ListingRequestDTO listRequest = dtoFactory.createListingRequestDTO(connectionDAO.getFlowFileListingRequest(connectionId, listingRequestId));
// include whether the source and destination are running
- final Connection connection = connectionDAO.getConnection(groupId, connectionId);
+ final Connection connection = connectionDAO.getConnection(connectionId);
if (connection.getSource() != null) {
listRequest.setSourceRunning(connection.getSource().isRunning());
}
@@ -1542,18 +1389,18 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public FlowFileDTO getFlowFile(String groupId, String connectionId, String flowFileUuid) {
- return dtoFactory.createFlowFileDTO(connectionDAO.getFlowFile(groupId, connectionId, flowFileUuid));
+ public FlowFileDTO getFlowFile(String connectionId, String flowFileUuid) {
+ return dtoFactory.createFlowFileDTO(connectionDAO.getFlowFile(connectionId, flowFileUuid));
}
@Override
- public ConnectionStatusDTO getConnectionStatus(String groupId, String connectionId) {
- return controllerFacade.getConnectionStatus(groupId, connectionId);
+ public ConnectionStatusDTO getConnectionStatus(String connectionId) {
+ return controllerFacade.getConnectionStatus(connectionId);
}
@Override
- public StatusHistoryDTO getConnectionStatusHistory(String groupId, String connectionId) {
- return controllerFacade.getConnectionStatusHistory(groupId, connectionId);
+ public StatusHistoryDTO getConnectionStatusHistory(String connectionId) {
+ return controllerFacade.getConnectionStatusHistory(connectionId);
}
@Override
@@ -1610,15 +1457,15 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public ProcessorDTO getProcessor(String groupId, String id) {
- final ProcessorNode processor = processorDAO.getProcessor(groupId, id);
+ public ProcessorDTO getProcessor(String id) {
+ final ProcessorNode processor = processorDAO.getProcessor(id);
final ProcessorDTO processorDto = dtoFactory.createProcessorDto(processor);
return processorDto;
}
@Override
- public PropertyDescriptorDTO getProcessorPropertyDescriptor(String groupId, String id, String property) {
- final ProcessorNode processor = processorDAO.getProcessor(groupId, id);
+ public PropertyDescriptorDTO getProcessorPropertyDescriptor(String id, String property) {
+ final ProcessorNode processor = processorDAO.getProcessor(id);
PropertyDescriptor descriptor = processor.getPropertyDescriptor(property);
// return an invalid descriptor if the processor doesn't suppor this property
@@ -1630,13 +1477,13 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public ProcessorStatusDTO getProcessorStatus(String groupId, String id) {
- return controllerFacade.getProcessorStatus(groupId, id);
+ public ProcessorStatusDTO getProcessorStatus(String id) {
+ return controllerFacade.getProcessorStatus(id);
}
@Override
- public StatusHistoryDTO getProcessorStatusHistory(String groupId, String id) {
- return controllerFacade.getProcessorStatusHistory(groupId, id);
+ public StatusHistoryDTO getProcessorStatusHistory(String id) {
+ return controllerFacade.getProcessorStatusHistory(id);
}
@Override
@@ -1693,18 +1540,8 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
return true;
}
- final Set<String> allowedUsers = port.getUserAccessControl();
- if (allowedUsers.contains(user.getIdentity())) {
- return true;
- }
-
- final String userGroup = user.getUserGroup();
- if (userGroup == null) {
- return false;
- }
-
- final Set<String> allowedGroups = port.getGroupAccessControl();
- return allowedGroups.contains(userGroup);
+ // TODO - defer to authorizer to see if user is able to retrieve site-to-site details for the specified port
+ return true;
}
@Override
@@ -1714,12 +1551,9 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
throw new WebApplicationException(new Throwable("Unable to access details for current user."));
}
- // at this point we know that the user must have ROLE_NIFI because it's required
- // get to the endpoint that calls this method but we'll check again anyways
- final Set<Authority> authorities = user.getAuthorities();
- if (!authorities.contains(Authority.ROLE_NIFI)) {
- throw new AccessDeniedException("User must have the NiFi role in order to access these details.");
- }
+ // TODO - defer to authorizer to see if user is able to retrieve site-to-site details
+
+ // TODO - filter response for access to specific ports
// serialize the input ports this NiFi has access to
final Set<PortDTO> inputPorts = new LinkedHashSet<>();
@@ -1779,11 +1613,6 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public String getInstanceId() {
- return controllerFacade.getInstanceId();
- }
-
- @Override
public ControllerConfigurationDTO getControllerConfiguration() {
ControllerConfigurationDTO controllerConfig = new ControllerConfigurationDTO();
controllerConfig.setName(controllerFacade.getName());
@@ -1822,8 +1651,8 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public LabelDTO getLabel(String groupId, String labelId) {
- return dtoFactory.createLabelDto(labelDAO.getLabel(groupId, labelId));
+ public LabelDTO getLabel(String labelId) {
+ return dtoFactory.createLabelDto(labelDAO.getLabel(labelId));
}
@Override
@@ -1836,8 +1665,8 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public FunnelDTO getFunnel(String groupId, String funnelId) {
- return dtoFactory.createFunnelDto(funnelDAO.getFunnel(groupId, funnelId));
+ public FunnelDTO getFunnel(String funnelId) {
+ return dtoFactory.createFunnelDto(funnelDAO.getFunnel(funnelId));
}
@Override
@@ -1885,38 +1714,38 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public PortDTO getInputPort(String groupId, String inputPortId) {
- return dtoFactory.createPortDto(inputPortDAO.getPort(groupId, inputPortId));
+ public PortDTO getInputPort(String inputPortId) {
+ return dtoFactory.createPortDto(inputPortDAO.getPort(inputPortId));
}
@Override
- public PortStatusDTO getInputPortStatus(String groupId, String inputPortId) {
- return controllerFacade.getInputPortStatus(groupId, inputPortId);
+ public PortStatusDTO getInputPortStatus(String inputPortId) {
+ return controllerFacade.getInputPortStatus(inputPortId);
}
@Override
- public PortDTO getOutputPort(String groupId, String outputPortId) {
- return dtoFactory.createPortDto(outputPortDAO.getPort(groupId, outputPortId));
+ public PortDTO getOutputPort(String outputPortId) {
+ return dtoFactory.createPortDto(outputPortDAO.getPort(outputPortId));
}
@Override
- public PortStatusDTO getOutputPortStatus(String groupId, String outputPortId) {
- return controllerFacade.getOutputPortStatus(groupId, outputPortId);
+ public PortStatusDTO getOutputPortStatus(String outputPortId) {
+ return controllerFacade.getOutputPortStatus(outputPortId);
}
@Override
- public RemoteProcessGroupDTO getRemoteProcessGroup(String groupId, String remoteProcessGroupId) {
- return dtoFactory.createRemoteProcessGroupDto(remoteProcessGroupDAO.getRemoteProcessGroup(groupId, remoteProcessGroupId));
+ public RemoteProcessGroupDTO getRemoteProcessGroup(String remoteProcessGroupId) {
+ return dtoFactory.createRemoteProcessGroupDto(remoteProcessGroupDAO.getRemoteProcessGroup(remoteProcessGroupId));
}
@Override
- public RemoteProcessGroupStatusDTO getRemoteProcessGroupStatus(String groupId, String id) {
- return controllerFacade.getRemoteProcessGroupStatus(groupId, id);
+ public RemoteProcessGroupStatusDTO getRemoteProcessGroupStatus(String id) {
+ return controllerFacade.getRemoteProcessGroupStatus(id);
}
@Override
- public StatusHistoryDTO getRemoteProcessGroupStatusHistory(String groupId, String id) {
- return controllerFacade.getRemoteProcessGroupStatusHistory(groupId, id);
+ public StatusHistoryDTO getRemoteProcessGroupStatusHistory(String id) {
+ return controllerFacade.getRemoteProcessGroupStatusHistory(id);
}
@Override
@@ -2057,83 +1886,6 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
}
@Override
- public UserDTO getUser(String userId) {
- // get the user
- NiFiUser user = userService.getUserById(userId);
-
- // ensure the user was found
- if (user == null) {
- throw new ResourceNotFoundException(String.format("Unable to find user with id '%s'.", userId));
- }
-
- return dtoFactory.createUserDTO(user);
- }
-
- @Override
- public Collection<UserDTO> getUsers(Boolean grouped) {
- // get the users
- final Collection<NiFiUser> users = userService.getUsers();
- final Collection<UserDTO> userDTOs = new HashSet<>();
-
- if (grouped) {
- final Map<String, UserDTO> groupedUserDTOs = new HashMap<>();
-
- // group the users
- for (final NiFiUser user : users) {
- if (StringUtils.isNotBlank(user.getUserGroup())) {
- if (groupedUserDTOs.containsKey(user.getUserGroup())) {
- final UserDTO groupedUser = groupedUserDTOs.get(user.getUserGroup());
- groupedUser.setId(groupedUser.getId() + "," + String.valueOf(user.getId()));
- groupedUser.setUserName(groupedUser.getUserName() + ", " + user.getUserName());
- groupedUser.setDn(groupedUser.getDn() + ", " + user.getIdentity());
- groupedUser.setCreation(getOldestDate(groupedUser.getCreation(), user.getCreation()));
- groupedUser.setLastAccessed(getNewestDate(groupedUser.getLastAccessed(), user.getLastAccessed()));
- groupedUser.setLastVerified(getNewestDate(groupedUser.getLastVerified(), user.getLastVerified()));
-
- // only retain the justification if al users have the same justification
- if (groupedUser.getJustification() != null) {
- if (!groupedUser.getStatus().equals(user.getJustification())) {
- groupedUser.setJustification(null);
- }
- }
-
- // only retain the status if all users have the same status
- if (groupedUser.getStatus() != null) {
- if (!groupedUser.getStatus().equals(user.getStatus().toString())) {
- groupedUser.setStatus(null);
- }
- }
-
- // only retain the authorities if all users have the same authorities
- if (groupedUser.getAuthorities() != null) {
- final Set<String> groupAuthorities = new HashSet<>(groupedUser.getAuthorities());
- final Set<String> userAuthorities = Authority.convertAuthorities(user.getAuthorities());
- if (!CollectionUtils.isEqualCollection(groupAuthorities, userAuthorities)) {
- groupedUser.setAuthorities(null);
- }
- }
- } else {
- groupedUserDTOs.put(user.getUserGroup(), dtoFactory.createUserDTO(user));
- }
- } else {
- userDTOs.add(dtoFactory.createUserDTO(user));
- }
- }
-
- // add the grouped users
- userDTOs.addAll(groupedUserDTOs.values());
- } else {
- // convert each into a DTOs
- for (final NiFiUser user : users) {
- userDTOs.add(dtoFactory.createUserDTO(user));
- }
- }
-
- return userDTOs;
- }
-
-
- @Override
public boolean isClustered() {
return controllerFacade.isClustered();
}
@@ -2189,26 +1941,6 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
clusterManager.deleteNode(nodeId, userDn);
}
- @Override
- public ProcessorDTO getProcessor(String id) {
- ClassLoader currentContextClassLoader = Thread.currentThread().getContextClassLoader();
- try {
- String groupId = controllerFacade.findProcessGroupIdForProcessor(id);
-
- // ensure the parent group id was found
- if (groupId == null) {
- throw new ResourceNotFoundException(String.format("Unable to locate Processor with id '%s'.", id));
- }
-
- // get the processor
- return getProcessor(groupId, id);
- } finally {
- if (currentContextClassLoader != null) {
- Thread.currentThread().setContextClassLoader(currentContextClassLoader);
- }
- }
- }
-
/* setters */
public void setProperties(NiFiProperties properties) {
this.properties = properties;
@@ -2246,8 +1978,8 @@ public class StandardNiFiServiceFacade implements NiFiServiceFacade {
this.auditService = auditService;
}
- public void setUserService(UserService userService) {
- this.userService = userService;
+ public void setKeyService(KeyService keyService) {
+ this.keyService = keyService;
}
public void setOptimisticLockingManager(OptimisticLockingManager optimisticLockingManager) {
http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiWebConfigurationContext.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiWebConfigurationContext.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiWebConfigurationContext.java
index cae1175..f5d5e2f 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiWebConfigurationContext.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiWebConfigurationContext.java
@@ -16,22 +16,8 @@
*/
package org.apache.nifi.web;
-import java.io.Serializable;
-import java.io.UnsupportedEncodingException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.net.URLEncoder;
-import java.util.Collection;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Objects;
-
-import javax.ws.rs.HttpMethod;
-import javax.ws.rs.core.MultivaluedMap;
-import javax.ws.rs.core.Response;
-
+import com.sun.jersey.core.util.MultivaluedMapImpl;
+import org.apache.commons.lang3.StringUtils;
import org.apache.nifi.action.Action;
import org.apache.nifi.action.Component;
import org.apache.nifi.action.FlowChangeAction;
@@ -42,31 +28,41 @@ import org.apache.nifi.admin.service.AuditService;
import org.apache.nifi.cluster.manager.NodeResponse;
import org.apache.nifi.cluster.manager.impl.WebClusterManager;
import org.apache.nifi.controller.ControllerService;
-import org.apache.nifi.web.security.user.NiFiUserDetails;
-import org.apache.nifi.web.security.user.NiFiUserUtils;
+import org.apache.nifi.controller.ControllerServiceLookup;
+import org.apache.nifi.controller.reporting.ReportingTaskProvider;
import org.apache.nifi.user.NiFiUser;
import org.apache.nifi.util.NiFiProperties;
+import org.apache.nifi.web.api.dto.ControllerServiceDTO;
import org.apache.nifi.web.api.dto.ProcessorConfigDTO;
import org.apache.nifi.web.api.dto.ProcessorDTO;
+import org.apache.nifi.web.api.dto.ReportingTaskDTO;
import org.apache.nifi.web.api.dto.RevisionDTO;
+import org.apache.nifi.web.api.entity.ControllerServiceEntity;
import org.apache.nifi.web.api.entity.ProcessorEntity;
+import org.apache.nifi.web.api.entity.ReportingTaskEntity;
+import org.apache.nifi.web.security.user.NiFiUserDetails;
+import org.apache.nifi.web.security.user.NiFiUserUtils;
+import org.apache.nifi.web.util.ClientResponseUtils;
import org.apache.nifi.web.util.WebUtils;
-
-import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
-import com.sun.jersey.core.util.MultivaluedMapImpl;
-import org.apache.nifi.controller.ControllerServiceLookup;
-import org.apache.nifi.controller.reporting.ReportingTaskProvider;
-import org.apache.nifi.web.api.dto.ControllerServiceDTO;
-import org.apache.nifi.web.api.dto.ReportingTaskDTO;
-import org.apache.nifi.web.api.entity.ControllerServiceEntity;
-import org.apache.nifi.web.api.entity.ReportingTaskEntity;
-import org.apache.nifi.web.util.ClientResponseUtils;
+import javax.ws.rs.HttpMethod;
+import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.core.Response;
+import java.io.Serializable;
+import java.io.UnsupportedEncodingException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.net.URLEncoder;
+import java.util.Collection;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Objects;
/**
* Implements the NiFiWebConfigurationContext interface to support a context in both standalone and clustered environments.
@@ -86,13 +82,13 @@ public class StandardNiFiWebConfigurationContext implements NiFiWebConfiguration
private AuditService auditService;
@Override
- @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
public ControllerService getControllerService(String serviceIdentifier) {
return controllerServiceLookup.getControllerService(serviceIdentifier);
}
@Override
- @PreAuthorize("hasAnyRole('ROLE_DFM')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_DFM')")
public void saveActions(final NiFiWebRequestContext requestContext, final Collection<ConfigurationAction> configurationActions) {
Objects.requireNonNull(configurationActions, "Actions cannot be null.");
@@ -158,9 +154,9 @@ public class StandardNiFiWebConfigurationContext implements NiFiWebConfiguration
}
@Override
- @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
public String getCurrentUserDn() {
- String userIdentity = NiFiUser.ANONYMOUS_USER_IDENTITY;
+ String userIdentity = NiFiUser.ANONYMOUS.getIdentity();
final NiFiUser user = NiFiUserUtils.getNiFiUser();
if (user != null) {
@@ -171,9 +167,9 @@ public class StandardNiFiWebConfigurationContext implements NiFiWebConfiguration
}
@Override
- @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
public String getCurrentUserName() {
- String userName = NiFiUser.ANONYMOUS_USER_IDENTITY;
+ String userName = NiFiUser.ANONYMOUS.getIdentity();
final NiFiUser user = NiFiUserUtils.getNiFiUser();
if (user != null) {
@@ -184,7 +180,7 @@ public class StandardNiFiWebConfigurationContext implements NiFiWebConfiguration
}
@Override
- @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
public ComponentDetails getComponentDetails(final NiFiWebRequestContext requestContext) throws ResourceNotFoundException, ClusterRequestException {
final String id = requestContext.getId();
@@ -219,7 +215,7 @@ public class StandardNiFiWebConfigurationContext implements NiFiWebConfiguration
}
@Override
- @PreAuthorize("hasAnyRole('ROLE_DFM')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_DFM')")
public ComponentDetails setAnnotationData(final NiFiWebConfigurationRequestContext requestContext, final String annotationData)
throws ResourceNotFoundException, InvalidRevisionException, ClusterRequestException {
http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiWebContext.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiWebContext.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiWebContext.java
index 9667ad6..158dbfa 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiWebContext.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/StandardNiFiWebContext.java
@@ -16,22 +16,8 @@
*/
package org.apache.nifi.web;
-import java.io.Serializable;
-import java.io.UnsupportedEncodingException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.net.URLEncoder;
-import java.util.Collection;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Objects;
-
-import javax.ws.rs.HttpMethod;
-import javax.ws.rs.core.MultivaluedMap;
-import javax.ws.rs.core.Response;
-
+import com.sun.jersey.core.util.MultivaluedMapImpl;
+import org.apache.commons.lang3.StringUtils;
import org.apache.nifi.action.Action;
import org.apache.nifi.action.Component;
import org.apache.nifi.action.FlowChangeAction;
@@ -42,26 +28,36 @@ import org.apache.nifi.admin.service.AuditService;
import org.apache.nifi.cluster.manager.NodeResponse;
import org.apache.nifi.cluster.manager.impl.WebClusterManager;
import org.apache.nifi.controller.ControllerService;
-import org.apache.nifi.web.security.user.NiFiUserDetails;
-import org.apache.nifi.web.security.user.NiFiUserUtils;
+import org.apache.nifi.controller.ControllerServiceLookup;
import org.apache.nifi.user.NiFiUser;
import org.apache.nifi.util.NiFiProperties;
import org.apache.nifi.web.api.dto.ProcessorConfigDTO;
import org.apache.nifi.web.api.dto.ProcessorDTO;
import org.apache.nifi.web.api.dto.RevisionDTO;
import org.apache.nifi.web.api.entity.ProcessorEntity;
+import org.apache.nifi.web.security.user.NiFiUserDetails;
+import org.apache.nifi.web.security.user.NiFiUserUtils;
+import org.apache.nifi.web.util.ClientResponseUtils;
import org.apache.nifi.web.util.WebUtils;
-
-import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
-import com.sun.jersey.core.util.MultivaluedMapImpl;
-import org.apache.nifi.controller.ControllerServiceLookup;
-import org.apache.nifi.web.util.ClientResponseUtils;
+import javax.ws.rs.HttpMethod;
+import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.core.Response;
+import java.io.Serializable;
+import java.io.UnsupportedEncodingException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.net.URLEncoder;
+import java.util.Collection;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Objects;
/**
* Implements the NiFiWebContext interface to support a context in both standalone and clustered environments.
@@ -81,13 +77,13 @@ public class StandardNiFiWebContext implements NiFiWebContext {
private AuditService auditService;
@Override
- @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
public ControllerService getControllerService(String serviceIdentifier) {
return controllerServiceLookup.getControllerService(serviceIdentifier);
}
@Override
- @PreAuthorize("hasRole('ROLE_DFM')")
+ // TODO - @PreAuthorize("hasRole('ROLE_DFM')")
public void saveActions(final Collection<ProcessorConfigurationAction> processorActions) {
Objects.requireNonNull(processorActions, "Actions cannot be null.");
@@ -129,9 +125,9 @@ public class StandardNiFiWebContext implements NiFiWebContext {
}
@Override
- @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
public String getCurrentUserDn() {
- String userIdentity = NiFiUser.ANONYMOUS_USER_IDENTITY;
+ String userIdentity = NiFiUser.ANONYMOUS.getIdentity();
final NiFiUser user = NiFiUserUtils.getNiFiUser();
if (user != null) {
@@ -142,9 +138,9 @@ public class StandardNiFiWebContext implements NiFiWebContext {
}
@Override
- @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
public String getCurrentUserName() {
- String userName = NiFiUser.ANONYMOUS_USER_IDENTITY;
+ String userName = NiFiUser.ANONYMOUS.getIdentity();
final NiFiUser user = NiFiUserUtils.getNiFiUser();
if (user != null) {
@@ -155,7 +151,7 @@ public class StandardNiFiWebContext implements NiFiWebContext {
}
@Override
- @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
public ProcessorInfo getProcessor(final NiFiWebContextConfig config) throws ResourceNotFoundException, ClusterRequestException {
final Revision revision = config.getRevision();
@@ -221,7 +217,7 @@ public class StandardNiFiWebContext implements NiFiWebContext {
}
@Override
- @PreAuthorize("hasAnyRole('ROLE_DFM')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_DFM')")
public void setProcessorAnnotationData(final NiFiWebContextConfig config, String annotationData)
throws ResourceNotFoundException, InvalidRevisionException, ClusterRequestException {
http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java
index 5ec8d01..c57e4ff 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java
@@ -47,7 +47,6 @@ import org.apache.nifi.web.security.jwt.JwtService;
import org.apache.nifi.web.security.kerberos.KerberosService;
import org.apache.nifi.web.security.otp.OtpService;
import org.apache.nifi.web.security.token.LoginAuthenticationToken;
-import org.apache.nifi.web.security.token.NiFiAuthorizationRequestToken;
import org.apache.nifi.web.security.token.OtpAuthenticationToken;
import org.apache.nifi.web.security.user.NiFiUserUtils;
import org.apache.nifi.web.security.x509.X509CertificateExtractor;
@@ -59,8 +58,6 @@ import org.springframework.security.authentication.AccountStatusException;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
-import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import javax.servlet.http.HttpServletRequest;
@@ -103,8 +100,6 @@ public class AccessResource extends ApplicationResource {
private KerberosService kerberosService;
- private AuthenticationUserDetailsService<NiFiAuthorizationRequestToken> userDetailsService;
-
/**
* Retrieves the access configuration for this NiFi.
*
@@ -132,7 +127,7 @@ public class AccessResource extends ApplicationResource {
// specify whether login should be supported and only support for secure requests
accessConfiguration.setSupportsLogin(loginIdentityProvider != null && httpServletRequest.isSecure());
- accessConfiguration.setSupportsAnonymous(!properties.getAnonymousAuthorities().isEmpty() || !httpServletRequest.isSecure());
+ accessConfiguration.setSupportsAnonymous(false);
// create the revision
final RevisionDTO revision = new RevisionDTO();
@@ -211,16 +206,12 @@ public class AccessResource extends ApplicationResource {
// without a certificate, this is not a proxied request
final List<String> chain = Arrays.asList(principal);
- // ensure the proxy chain is authorized
- final UserDetails userDetails = checkAuthorization(chain);
+ // TODO - ensure the proxy chain is authorized
+// final UserDetails userDetails = checkAuthorization(chain);
// no issues with authorization... verify authorities
accessStatus.setStatus(AccessStatusDTO.Status.ACTIVE.name());
- if (userDetails.getAuthorities().isEmpty()) {
- accessStatus.setMessage("Your account is active but currently does not have any level of access.");
- } else {
- accessStatus.setMessage("Your account is active and you are already logged in.");
- }
+ accessStatus.setMessage("Your account is active and you are already logged in.");
} catch (JwtException e) {
throw new InvalidAuthenticationException(e.getMessage(), e);
}
@@ -240,28 +231,19 @@ public class AccessResource extends ApplicationResource {
accessStatus.setIdentity(proxyChain.get(0));
accessStatus.setUsername(CertificateUtils.extractUsername(proxyChain.get(0)));
- // ensure the proxy chain is authorized
- final UserDetails userDetails = checkAuthorization(proxyChain);
+ // TODO - ensure the proxy chain is authorized
+// final UserDetails userDetails = checkAuthorization(proxyChain);
// no issues with authorization... verify authorities
accessStatus.setStatus(AccessStatusDTO.Status.ACTIVE.name());
- if (userDetails.getAuthorities().isEmpty()) {
- accessStatus.setMessage("Your account is active but currently does not have any level of access.");
- } else {
- accessStatus.setMessage("Your account is active and you are already logged in.");
- }
+ accessStatus.setMessage("Your account is active and you are already logged in.");
} catch (final IllegalArgumentException iae) {
throw new InvalidAuthenticationException(iae.getMessage(), iae);
}
}
} catch (final UsernameNotFoundException unfe) {
- if (properties.getSupportNewAccountRequests()) {
- accessStatus.setStatus(AccessStatusDTO.Status.UNREGISTERED.name());
- accessStatus.setMessage(String.format("Unregistered user %s", accessStatus.getIdentity()));
- } else {
- accessStatus.setStatus(AccessStatusDTO.Status.NOT_ACTIVE.name());
- accessStatus.setMessage("This NiFi does not support new account requests.");
- }
+ accessStatus.setStatus(AccessStatusDTO.Status.NOT_ACTIVE.name());
+ accessStatus.setMessage("This NiFi does not support new account requests.");
} catch (final AccountStatusException ase) {
accessStatus.setStatus(AccessStatusDTO.Status.NOT_ACTIVE.name());
accessStatus.setMessage(ase.getMessage());
@@ -284,16 +266,6 @@ public class AccessResource extends ApplicationResource {
}
/**
- * Checks the status of the proxy.
- *
- * @param proxyChain the proxy chain
- * @throws AuthenticationException if the proxy chain is not authorized
- */
- private UserDetails checkAuthorization(final List<String> proxyChain) throws AuthenticationException {
- return userDetailsService.loadUserDetails(new NiFiAuthorizationRequestToken(proxyChain));
- }
-
- /**
* Creates a single use access token for downloading FlowFile content.
*
* @param httpServletRequest the servlet request
@@ -535,8 +507,8 @@ public class AccessResource extends ApplicationResource {
throw new IllegalArgumentException("Unable to determine the user from the incoming request.");
}
- // authorize the proxy if necessary
- authorizeProxyIfNecessary(proxyChain);
+ // TODO - authorize the proxy if necessary
+// authorizeProxyIfNecessary(proxyChain);
// create the authentication token
loginAuthenticationToken = new LoginAuthenticationToken(proxyChain.get(0), authenticationResponse.getExpiration(), authenticationResponse.getIssuer());
@@ -550,30 +522,6 @@ public class AccessResource extends ApplicationResource {
return generateCreatedResponse(uri, token).build();
}
- /**
- * Ensures the proxyChain is authorized before allowing the user to be authenticated.
- *
- * @param proxyChain the proxy chain
- * @throws AuthenticationException if the proxy chain is not authorized
- */
- private void authorizeProxyIfNecessary(final List<String> proxyChain) throws AuthenticationException {
- if (proxyChain.size() > 1) {
- try {
- userDetailsService.loadUserDetails(new NiFiAuthorizationRequestToken(proxyChain));
- } catch (final UsernameNotFoundException unfe) {
- // if a username not found exception was thrown, the proxies were authorized and now
- // we can issue a new token to the end user which they will use to identify themselves
- // when they enter a new account request
- } catch (final AuthenticationServiceException ase) {
- // throw an administration exception which will return a 500
- throw new AdministrationException(ase.getMessage(), ase);
- } catch (final Exception e) {
- // any other issue we're going to treat as access denied exception which will return 403
- throw new AccessDeniedException(e.getMessage(), e);
- }
- }
- }
-
private long validateTokenExpiration(long proposedTokenExpiration, String identity) {
final long maxExpiration = TimeUnit.MILLISECONDS.convert(12, TimeUnit.HOURS);
final long minExpiration = TimeUnit.MILLISECONDS.convert(1, TimeUnit.MINUTES);
@@ -619,9 +567,4 @@ public class AccessResource extends ApplicationResource {
public void setCertificateIdentityProvider(X509IdentityProvider certificateIdentityProvider) {
this.certificateIdentityProvider = certificateIdentityProvider;
}
-
- public void setUserDetailsService(AuthenticationUserDetailsService<NiFiAuthorizationRequestToken> userDetailsService) {
- this.userDetailsService = userDetailsService;
- }
-
}
http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/BulletinBoardResource.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/BulletinBoardResource.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/BulletinBoardResource.java
index d13b5c9..f7ae37e 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/BulletinBoardResource.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/BulletinBoardResource.java
@@ -16,16 +16,11 @@
*/
package org.apache.nifi.web.api;
-import javax.ws.rs.Consumes;
-import javax.ws.rs.DefaultValue;
-import javax.ws.rs.GET;
-import javax.ws.rs.HttpMethod;
-import javax.ws.rs.Path;
-import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
-
+import com.wordnik.swagger.annotations.ApiOperation;
+import com.wordnik.swagger.annotations.ApiParam;
+import com.wordnik.swagger.annotations.ApiResponse;
+import com.wordnik.swagger.annotations.ApiResponses;
+import com.wordnik.swagger.annotations.Authorization;
import org.apache.commons.lang3.StringUtils;
import org.apache.nifi.cluster.manager.impl.WebClusterManager;
import org.apache.nifi.util.NiFiProperties;
@@ -38,19 +33,21 @@ import org.apache.nifi.web.api.request.BulletinBoardPatternParameter;
import org.apache.nifi.web.api.request.ClientIdParameter;
import org.apache.nifi.web.api.request.IntegerParameter;
import org.apache.nifi.web.api.request.LongParameter;
-import org.springframework.security.access.prepost.PreAuthorize;
-import com.wordnik.swagger.annotations.Api;
-import com.wordnik.swagger.annotations.ApiOperation;
-import com.wordnik.swagger.annotations.ApiParam;
-import com.wordnik.swagger.annotations.ApiResponse;
-import com.wordnik.swagger.annotations.ApiResponses;
-import com.wordnik.swagger.annotations.Authorization;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.DefaultValue;
+import javax.ws.rs.GET;
+import javax.ws.rs.HttpMethod;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
/**
* RESTful endpoint for managing a Template.
*/
-@Api(hidden = true)
+@Path("bulletin-board")
public class BulletinBoardResource extends ApplicationResource {
private NiFiProperties properties;
@@ -75,9 +72,9 @@ public class BulletinBoardResource extends ApplicationResource {
*/
@GET
@Consumes(MediaType.WILDCARD)
- @Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
+ @Produces(MediaType.APPLICATION_JSON)
@Path("") // necessary due to bug in swagger
- @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
@ApiOperation(
value = "Gets current bulletins",
response = BulletinBoardEntity.class,
http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ClusterResource.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ClusterResource.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ClusterResource.java
index ec4c69e..a2a2d5b 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ClusterResource.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/ClusterResource.java
@@ -42,7 +42,6 @@ import org.apache.nifi.web.api.entity.ClusterSearchResultsEntity;
import org.apache.nifi.web.api.entity.ProcessorEntity;
import org.apache.nifi.web.api.request.ClientIdParameter;
import org.apache.nifi.web.api.request.LongParameter;
-import org.springframework.security.access.prepost.PreAuthorize;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
@@ -115,7 +114,7 @@ public class ClusterResource extends ApplicationResource {
@GET
@Consumes(MediaType.WILDCARD)
@Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
- @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
@ApiOperation(
value = "Gets the contents of the cluster",
notes = "Returns the contents of the cluster including all nodes and their status.",
@@ -171,7 +170,7 @@ public class ClusterResource extends ApplicationResource {
@Consumes(MediaType.WILDCARD)
@Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
@Path("/search-results")
- @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
@ApiOperation(
value = "Searches the cluster for a node with the specified address",
response = ClusterSearchResultsEntity.class,
@@ -245,7 +244,7 @@ public class ClusterResource extends ApplicationResource {
@Consumes(MediaType.WILDCARD)
@Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
@Path("/processors/{id}")
- @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_MONITOR', 'ROLE_DFM', 'ROLE_ADMIN')")
@ApiOperation(
value = "Gets the specified processor",
response = ProcessorEntity.class,
@@ -310,7 +309,7 @@ public class ClusterResource extends ApplicationResource {
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
@Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
@Path("/processors/{id}")
- @PreAuthorize("hasAnyRole('ROLE_DFM')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_DFM')")
public Response updateProcessor(
@Context HttpServletRequest httpServletRequest,
@FormParam(VERSION) LongParameter version,
@@ -360,7 +359,7 @@ public class ClusterResource extends ApplicationResource {
@Consumes({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
@Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
@Path("/processors/{id}")
- @PreAuthorize("hasAnyRole('ROLE_DFM')")
+ // TODO - @PreAuthorize("hasAnyRole('ROLE_DFM')")
@ApiOperation(
value = "Updates processor annotation data",
response = ProcessorEntity.class,